_{Russian letters "I", differing in the shape of the trajectory, and an example of finding extreme points for quick comparison of dynamic curves. Source: D.V. Kolyadin, I.B. Petrov, “Algorithm for extracting extreme points as applied to the problem of biometric verification of a handwritten signature” . Researched in Russia. - M .: MIPT, 2005}

A handwritten signature from ancient times remains one of the most popular ways to verify documents. The composition of the handwritten signature is not legally established. This can be a name and surname in handwritten form or just a cross (“X”): any arbitrary set of characters decorated with letters, letterless elements, various curls and strokes.

But now the usual autograph is more than just a stroke on paper. It is able to fulfill the role of a biometric identifier, and the concept of "signature" has expanded significantly:
')

• Physical signature (wet signature): the physical mark on the document, set by the person himself. Previously, it was called simply “signature”, but now sometimes they specifically indicate the definition of wet , so as not to be confused with an electronic signature (ED) and a digital handwritten signature (PI).
• Electronic signature (ED) , it is also a digital signature (CPU), electronic digital signature (EDS).
• Digital handwritten signature (CCP) : a handwritten signature of a person, made with the help of appropriate software (including tablets, displays) to confirm the integrity and authenticity of the signed document in electronic form.

Physical signature (wet signature)

The physical signature in ink on paper is still the basic component of the document verification system, although lately this is no longer the only and most reliable verification method. For example, the international payment system MasterCard announced the cancellation of a handwritten signature from April 2018 when calculating with a credit or debit card in the United States and Canada. According to the statistics of the payment platform, now 80% of purchases on a card in the United States are made without confirmation by a signature, and from April 2018 this amount can grow to 100%.

According to MasterCard, eliminating a handwritten signature is another step in the digital evolution of payments and security. The payment system concluded that the rejection of a physical signature does not reduce the security of payments in the modern era, when smart cards with chips, authorization tokens, biometric identification methods and new digital contactless payment platforms like Masterpass are in mass use.

Despite the prevalence of a physical signature, it is visually quite difficult to distinguish a real signature from a fake. Even two signatures of the same person can vary significantly. Without examination, you cannot be sure that the received document is indeed signed by a specific person, especially if the document was signed without witnesses.

Handwriting signature verification requires a special procedure. There are automated verification systems in which signature recognition algorithms rely on pattern recognition algorithms or mathematical methods for analyzing curves. There are also specialized institutions (forensic examination centers), where specially trained experts perform an examination of the authenticity of the handwritten signature. But in any case, neither automated nor expert assessment can fully guarantee that a particular copy of the signature really corresponds to the original. If the handwritten signature is “simple”, that is, it consists of a small number of elements (1-2 letters), then it is objectively impossible to reliably determine its authenticity. And in any case, for the examination requires one or more "originals" of a handwritten signature, when the carrier of the signature personally signs in the presence of witnesses. Only after this can it be established whether he owns the copy that is being examined.

Electronic signature

Electronic signature - an attribute of an electronic document, obtained as a result of cryptographic transformation of information using the private key.

In Russia, a legally significant electronic signature certificate is issued by a certification authority (certificate authority). Legal conditions for the use of electronic signature are regulated by the Federal Law of the Russian Federation No. 63-FZ of April 6, 2011 “On Electronic Signature”. The latest changes to this law were made in December 2015 and were described at the “Habrahabr” . Here are the two most important innovations:

1. Office issuers of certificates are prohibited from making additional fields with certificates and their mandatory requirements. Now having one single qualified ES you can be authorized and use all state information systems .

2. Now it doesn’t matter who exactly issued the EP key certificate , since all verification certificates allow to build certificate chains up to the Head Certification Authority, so that users only have the HEC certificate to be trusted.

It is important to note that all Russian qualified signatures are valid only on the territory of the Russian Federation, and to verify the signature, it is necessary to additionally install the root certificate of the corresponding national certification authority. Thus, the main clients of Russian CAs are government agencies that are required to work with GOSTs. And international digital signatures, such as GlobalSign , can be used around the world, including in Russia.

The world's largest trusted services for electronic documents are Adobe Trusted List (AATL) and Microsoft Root Trust . Certification centers and trusted service providers included in this list produce certificate-based digital identifiers and time stamp services that comply with legal and regulatory requirements in the world, such as the EU eIDAS standard.

Microsoft supports two types of digital signatures, which are divided into visible and invisible
Invisible digital signature is not displayed in the contents of the document itself. But the recipients of the document can determine that it was signed by finding the red ribbon in the document status bar at the bottom of the screen or by viewing the signature area.
The visible digital signature is displayed as a signature string, as in a physical document. Adding one or more lines of digital signature to a document allows you to specify who should sign the document. The signer applies his digital signature in the created signature line and can add an image of his physical signature.

The PDF Signing certificate is used for certification and for approval of PDF documents. The recipient of the certified document knows that the document is authentic, received from a trusted source, and has not been forged. Signatures of approval of the document is an electronic analogue of the handwritten signature on physical documents.

Digital handwritten signature

Finally, it is worth mentioning another interesting technology - digital handwritten signature. The PIU is not yet enshrined in Russian legislation, but there is reason to believe that this will happen in the future. For example, in neighboring Belarus digital handwritten signatures legalized from March 3, 2018 in the banking sector.

PIU can be put down:

• remotely with the help of special software and hardware (including tablets and displays);
• with the personal presence of the client.

In essence, the PIR is a digital equivalent of a physical signature. This is a definite attempt to alleviate the shortcomings inherent in the physical signature, including the difficulty of determining the authenticity of the signature.

Examination of the PCR can be carried out almost instantly, using a programmatic approach. A digital tablet registers not only the outlines of the signature characters, but also other parameters that are analyzed during the physical signature examination - the position of the end of the pen (stylus) at certain points in time, the angle of the pen and the pressure exerted on the tablet. The data obtained using graphics tablets reflect the dynamics of the muscular movements of the arm, and, therefore, are a biometric characteristic of a particular person.

For example, the illustration below shows an example of information collected from a tablet in the process of dynamic recognition of a digital handwritten signature: stylus coordinates, pressure, azimuth and slope.



In the case of a physical signature, the listed characteristics are analyzed by experts. CPD analysis is performed programmatically using the listed characteristics using pattern recognition techniques such as the algorithm for dynamic timeline transformation , hidden Markov models, and vector quantization (Kohonen neural networks).

Dynamic handwritten signature recognition is an example of behavioral biometrics . Methods based on behavioral biometrics are considered better protected from counterfeiting than physiological biometrics with static recognition (fingerprint, eye iris, palm geometry, etc.), although there are certain difficulties due to the variability of characteristics. In this area is active research work.

The first international handwriting signature verification program competition: Signature Verification Competition (SVC) was held in early 2004. Now the ICFHR (International Conference on Frontiers in Handwriting Recognition) conference is held annually, within which several contests are organized.

Thus, over time, a handwritten signature can get a “second life” in the digital age, if it is recognized as a reliable method of biometric verification and the relevant legislation is adopted to legalize the PIU.

---

PROMOTION GLOBALSIGN: Wildcard SSL + 1 YEAR AS A GIFT
Protect all subdomains with one certificate!

Save up to 30 thousand rubles when you buy Wildcard SSL certificate for 2 years!
Promotional Code: WC001HRFR

The promotion is valid for subscribers of the blog GlobalSign until June 15, 2018.

For more information, please contact GlobalSign managers by phone: +7 (499) 678 2210 or by filling out a form on the website indicating the promotional code.